Ransomware Attack: The Colonial Pipeline Hack Reports Linkage With A VPN account

The Colonial Pipeline ransomware hack reportedly has links with the compromised credentials of a legacy VPN account after hackers gained access to the network.

According to media reports, the pipeline ransomware hack resulted in gas shortages and a $4.4 payoff to the attackers across the Southeast.

Turton, a FireEye security researcher, revealed that the suspicious activity on the Colonial Pipeline’s network began on April 29th.

The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password. https://t.co/2bN9Wza4GN

Advertisement

— William Turton (@WilliamTurton) June 4, 2021

However, the researcher was unable to confirm how the attackers accessed the login. There seems to be no evidence of phishing attempts, sophisticated or otherwise.

They eventually discovered that the employee’s password was present in a dump of login shared on the dark web. However, by reusing the username with the attacker, they could find out how they got in.

Moreover, the U.S. Justice Department recently announced it is planning to elevate ransomware cases to the same priority assigned to terrorism cases.

Also, Ransomware has become a formidable problem for the Biden administration, particularly after the Colonial Pipeline attack.

A week after the pipeline attack reported, it appeared with a message on Capital Pipeline’s computer screens. The staff began to shut down operations.

The shutdown left a massive impression that the Pipeline’s CEO is scheduled to appear in front of the congressional community. The ransomware cases have been centralized by DoJ in a similar way to terrorism cases.

Also Read

Ransomware Attack cripples US health and emergency networks: FBI

The Federal Bureau of Investigation (FBI) has revealed that the ransomware group...